Product: PCI DSS 4.0 capabilities for HUMAN Client-side Defense
Company: HUMAN Security Inc.
HUMAN Security Inc., a digital fraud platform focused on disrupting bot attacks, online fraud and abuse across the buyer's journey, created PCI DSS 4.0 capabilities for HUMAN Client-side Defense, a solution designed to help companies meet new requirements for managing browser scripts on payments pages, which become mandatory on March 31, 2025. Jeffrey Zitomer, senior director, product management, HUMAN Security Inc., said, "HUMAN uses a modern defense strategy to safeguard organizations from digital attacks, fraud, and account abuse. Our solutions increase ROI and trust while decreasing customer friction, data contamination and cybersecurity exposure."
Zitomer stated that modern websites deliver critical business functionality by sourcing code from across the internet, some of which may bypass traditional security controls. Criminals can exploit this attack surface to steal cardholder data, he added, a risk that new PCI requirements address. This solution, combined with PCI DSS 4.0 compliance, can further protect against these threats by enabling normal scripts while blocking undesired cardholder data access, he added.
Zitomer further noted that PCI DSS 4.0 requirements apply to all businesses. Even businesses that fully outsource account data storage, payment processing, and transmission to third-party payment service providers must comply with two new browser script requirements. He summarized those requirements as follows:
HUMAN Security simplifies payment page management by enabling companies to deploy a single line of JavaScript to authorize, justify and ensure script integrity, Zitomer stated, noting that a cloud back end and user interface will track a firm's progress toward compliance and provide comprehensive risk-scored script inventory and on-demand audit reports. He pointed out that the solution will also alert users to unauthorized changes to scripts and HTTP headers, and these and other risky script behaviors can be blocked with a click or simple policy.
Malicious bots can take over user accounts, payment pages, inventory settings, pricing and content, Zitomer stated, affirming that PCI DSS 4.0 capabilities for HUMAN Client-side Defense can solve for these issues, while providing the following features and benefits:
Zitomer emphasized that ISOs, agents and sales channel partners will find PCI DSS 4.0 capabilities for HUMAN Client-side Defense to be not only a timely resource for helping clients meet the 2025 deadline for PCI DSS 4.0, but also an asset that is easy to sell, deploy and operate. "It's easy to connect the dots between PCI DSS 4.0 requirements and the product's UI," he said, noting that copying and pasting a single line of code is all that is needed to get the system up and running, delivering continuous protection, enhanced reporting and automated alerts.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next